[Secure-testing-commits] r29712 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Tue Oct 28 22:16:00 UTC 2014


Author: jmm
Date: 2014-10-28 22:16:00 +0000 (Tue, 28 Oct 2014)
New Revision: 29712

Modified:
   data/CVE/list
Log:
tnftp no-dsa


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2014-10-28 22:13:37 UTC (rev 29711)
+++ data/CVE/list	2014-10-28 22:16:00 UTC (rev 29712)
@@ -1,7 +1,8 @@
 CVE-2014-XXXX [ftp(1) can be made execute arbitrary commands by malicious webserver]
-	- tnftp <unfixed>
+	- tnftp <unfixed> (low)
+	[wheezy] - tnftp <no-dsa> (Minor issue)
+	[squeeze] - tnftp <no-dsa> (Minor issue)
 	NOTE: http://www.openwall.com/lists/oss-security/2014/10/28/4
-	TODO: check
 CVE-2014-XXXX [Off-by-one count when parsing an 8BIM profile]
 	- imagemagick 8:6.8.9.9-1
 CVE-2014-XXXX [Don't clone a 0x0 image breaking some assumption]




More information about the Secure-testing-commits mailing list